Closed
Bug 1271732
Opened 8 years ago
Closed 6 years ago
Crash on restart (SIGSEGV at 0x0) [@ nsQueryInterface::operator() | imgRequestProxy::UnblockOnload
Categories
(SeaMonkey :: General, defect)
Tracking
(seamonkey2.45 affected, seamonkey2.46 affected, seamonkey2.47 affected)
RESOLVED
WONTFIX
People
(Reporter: tonymec, Unassigned)
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is report bp-f9bf68e3-b4b7-423f-a561-273dc2160510. ============================================================= This happened today when restarting with add-ons "not" disabled. One browser window and ChatZilla, no mail. Session restore (choosing the latest session in the crash-restart dialog from the Session Manager 0.8.1.12 extension) did not crash again. Since this build had no symbols, I'll add at the bottom of this report a handmade analysis of the top of the crash, made with the help of the crashreporter-symbols.zip But first, the CSIDs from the seamonkey-*.txt that came with the build: 20160510030701 http://hg.mozilla.org/mozilla-central/rev/1579b9e2e50f3a27ad02d58cc9170c91e0973fec http://hg.mozilla.org/comm-central/rev/f5a466d560c4 Then, the crash report header from Socorro: Signature libxul.so@0xce472a | libxul.so@0x1486c98 | libxul.so@0x1478012 | libxul.so@0x14781e9 | libxul.so@0x147852c | libxul.so@0x147ab1a | libxul.so@0x147c3ec | libxul.so@0x1489807 | libxul.so@0xcd388e | libxul.so@0xcdac32 | libxul.so@0x11d6ea4 | libxul.so@0x1... More Reports Search UUID f9bf68e3-b4b7-423f-a561-273dc2160510 Date Processed 2016-05-10T16:45:42.264735+00:00 Uptime 138 Last Crash 218310 seconds before submission Install Age 6704 since version was first installed. Install Time 2016-05-10 14:35:19 Product SeaMonkey Version 2.46a1 Build ID 20160510030701 Release Channel default OS Linux OS Version 0.0.0 Linux 4.1.21-14-default #1 SMP PREEMPT Sun Apr 17 07:27:45 UTC 2016 (fc187c1) x86_64 Build Architecture amd64 Build Architecture Info family 6 model 23 stepping 10 | 2 Crash Reason SIGSEGV Crash Address 0x0 User Comments during (or immediately after) restart with add-ons not disabled ("Help → restart with Add-ons Disabled" and untick the dialog checkbox). Many tabs but with "load on demand". App Notes FP(D000-L10000-W00000000-T0000) OpenGL: Intel Open Source Technology Center -- Mesa DRI Intel(R) Q45/Q43 -- 2.1 Mesa 11.0.8 -- texture_from_pixmap Processor Notes processor_ip-172-31-12-5_1300; MozillaProcessorAlgorithm2015; SignatureTool: signature truncated due to length; skunk_classifier: reject - not a plugin hang EMCheckCompatibility False Winsock LSP None Adapter Vendor ID Adapter Device ID Now here comes an interpretation of the stack top: 0 libxul@0xce472a in nsQueryInterface::operator() 1 libxul@0x1486c98 in imgRequestProxy::UnblockOnload 2 libxul@0x1478012 in mozilla::image::ImageObserverNotifier<const mozilla::image::ObserverTable*>::operator()<mozilla::image::SyncNotifyInternal(const T&, bool, mozilla::image::Progress, const nsIntRect&) [with T = const mozilla::image::ObserverTable*; mozilla::image::Progress = unsigned int; nsIntRect = mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits>]::__lambda6> 3 libxul@0x14781e9 in mozilla::image::SyncNotifyInternal<const mozilla::image::ObserverTable*> 4 libxul@0x147852c in mozilla::image::ProgressTracker::SyncNotifyProgress 5 libxul@0x147ab1a in mozilla::image::RasterImage::NotifyProgress 6 libxul@0x147c3ec in mozilla::image::RasterImage::FinalizeDecoder 7 libxul@0x1489807 in mozilla::image::NotifyDecodeCompleteWorker::Run 8 libxul@0xcd388e in nsThread::ProcessNextEvent 9 libxul@0xcdac32 in NS_InvokeByIndex 10 libxul@0x11d6ea4 in XPCWrappedNative::CallMethod 11 libxul@0x11deabb in XPC_WN_CallMethod 12-18 at 7f07???????? with no module name 19 libxul@0x2b23c66 in EnterBaseline 20 libxul@0x2b2aa6a in js::jit::EnterBaselineMethod 21 libxul@0x2e7f8b1 in Interpret etc. The stack runs to 75 lines in all, I'll keep the crashreporter-symbols.zip so I can add more lines if requested, as long as Socorro doesn't trash the stack. Please adjust the Product::Component and Crash Signature as appropriate.
|
Reporter | |
Comment 1•8 years ago
|
||
P.S. bp-d07e9fb0-c13b-4a43-8ec5-369542160508 which I had day before yesterday and has symbols, was also on startup and also at nsQueryInterface::operator() but the rest of the thack was different.
|
|
Reporter | |
Comment 2•8 years ago
|
||
P.P.S. bp-c1547733-9a3c-4046-9ba8-0e0dc2160310 in a March 8 build looks similar to this one (also on restart and similar alternation of libxul and no-module addresses) but I haven't kept the build files for this no-symbols build.
|
|
Reporter | |
Updated•8 years ago
|
status-seamonkey2.45:
--- → affected
|
||
Comment 3•8 years ago
|
||
Re crashreporter-symbols.zip is it small enough to be attached to this bug? Bugzilla may have some size limits.
|
|
Reporter | |
Comment 4•8 years ago
|
||
(In reply to Philip Chee from comment #3) > Re crashreporter-symbols.zip is it small enough to be attached to this bug? > Bugzilla may have some size limits. crashreoprter-symbols.zip is 47643314 bytes in length. I don't think Bugzilla will accept it.
|
|
Reporter | |
Comment 5•8 years ago
|
||
P.S. After unpacking, the part concerning only libxul is 165021706 bytes. Bugzilla will /a fortiori/ not accept it. I haven't tried zipping (or gzipping or bzip2ping) it separately of the rest.
|
|
Reporter | |
Comment 6•8 years ago
|
||
I've downloaded the Socorro crash page mentioned in comment #0 so I'll be able (on request) to add more interpreted lines to the stack dump above even after Socorro trashes it.
|
|
Reporter | |
Comment 7•8 years ago
|
||
I haven't had this crash again in almost a momnth, but checking the recent crash reports for this signature seems to say it's still very productive: I see a huge lot of Thunderbird crashes, and now and then also SeaMonkey, Firefox and FennecAndroid. Hard for me to tell if all these crashes have a common cause or if this signature may be due to various reasons. Wayne?
Flags: needinfo?(vseerror)
|
|
Reporter | |
Comment 8•8 years ago
|
||
bp-ee07c5d1-8581-4679-8378-3bc442160616 User agent: Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 SeaMonkey/2.47a1 Build identifier: 20160615050304 http://hg.mozilla.org/mozilla-central/rev/14c5bf11d37b9e92d27f7089d9392de2ac339bb3 http://hg.mozilla.org/comm-central/rev/abd1ef9761da crash during restart after changing lightweight theme; the "new" cZ and browser windows (with new lightweight theme and default complete theme) had appeared but tabs were still loading This is an hourly build: Socorro has no symbols for it, but decoding by means of its crashreporter-symbols.zip gives the same signature: 0 libxul.so@0xcff2e0 in nsQueryInterface::operator() 1 libxul.so@0x1509444 in imgRequestProxy::UnblockOnload 2 libxul.so@0x14fa982 in mozilla::image::ImageObserverNotifier<const mozilla::image::ObserverTable*>::operator()<mozilla::image::SyncNotifyInternal(const T&, bool, mozilla::image::Progress, const nsIntRect&) [with T = const mozilla::image::ObserverTable*; mozilla::image::Progress = unsigned int; nsIntRect = mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits>]::__lambda6> 3 libxul.so@0x14fab59 in mozilla::image::SyncNotifyInternal<const mozilla::image::ObserverTable*> 4 libxul.so@0x14fae9c in mozilla::image::ProgressTracker::SyncNotifyProgress 5 libxul.so@0x14fd47c in mozilla::image::RasterImage::NotifyProgress 6 libxul.so@0x14fed3c in mozilla::image::RasterImage::FinalizeDecoder 7 libxul.so@0x150bfb3 in mozilla::image::NotifyDecodeCompleteWorker::Run 8 libxul.so@0xcee2a4 in nsThread::ProcessNextEvent 9 libxul.so@0xcf57fc in NS_InvokeByIndex 10 libxul.so@0x124f5c6 in XPCWrappedNative::CallMethod 11 libxul.so@0x125732d in XPC_WN_CallMethod 12-18 above 0x7f8c00000000 in system code 19 libxul.so@0x2c05766 in js::jit::ICGetElem_TypedArray::Compiler::getStub etc. This time the stack runs to 108 lines. Again, I'm saving the crash-stats.m.c page and the crashreporter-symbols.zip just in case. The latter is too big for a bz attachment but NEEDINFO me if you want me to try and mail it to you.
status-seamonkey2.47:
--- → affected
Flags: needinfo?(vseerror)
|
|
Reporter | |
Comment 9•8 years ago
|
||
bp-7b2403eb-fb31-4cc4-b0ea-688722160701 User agent: Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 SeaMonkey/2.47a1 Build identifier: 20160625075045 User agent: Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 SeaMonkey/2.47a1 Build identifier: 20160625075045 Already a week old but's the last L64 tinderbox-build so far. Socorro header section: Signature libxul.so@0xd335f2 | libxul.so@0x1543818 | libxul.so@0x1534d4c | libxul.so@0x1534f23 | libxul.so@0x1535266 | libxul.so@0x1537846 | libxul.so@0x1539106 | libxul.so@0x1546387 | libxul.so@0xd225d0 | libxul.so@0xd29b26 | libxul.so@0x128a1a9 | libxul.so@0x1... More Reports Search UUID 7b2403eb-fb31-4cc4-b0ea-688722160701 Date Processed 2016-07-01 04:28:36 Uptime 129 seconds (2 minutes and 9 seconds) Last Crash 1,283,676 seconds before submission (2 weeks, 20 hours and 34 minutes) Install Age 447,876 seconds since version was first installed (5 days, 4 hours and 24 minutes) Install Time 2016-06-26 00:03:34 Product SeaMonkey Version 2.47a1 Build ID 20160625075045 Release Channel default OS Linux OS Version 0.0.0 Linux 4.1.24-19-default #1 SMP PREEMPT Tue May 17 13:51:19 UTC 2016 (83a20ae) x86_64 Build Architecture amd64 Build Architecture Info family 6 model 23 stepping 10 | 2 Crash Reason SIGSEGV Crash Address 0x0 User Comments during restart App Notes FP(D000-L10000-W00000000-T0000) OpenGL: Intel Open Source Technology Center -- Mesa DRI Intel(R) Q45/Q43 -- 2.1 Mesa 11.0.8 -- texture_from_pixmap libGL.so.1? libGL.so.1+ GL Context? GL Context+ Processor Notes processor_ip-172-31-42-211_1298; MozillaProcessorAlgorithm2015; SignatureTool: signature truncated due to length; skunk_classifier: reject - not a plugin hang EMCheckCompatibility False Winsock LSP None Adapter Vendor ID Adapter Device ID Socorro lacks symbols for this tinderbox-build; here's my interpretation of the top-of-stack by means of its crashreporter-symbols.zip (the 12 top elements are still the same as before): 0 libxul.so@0xd335f2 in nsQueryInterface::operator() 1 libxul.so@0x1543818 in imgRequestProxy::UnblockOnload 2 libxul.so@0x1534d4c in mozilla::image::ImageObserverNotifier<const mozilla::image::ObserverTable*>::operator()<mozilla::image::SyncNotifyInternal(const T&, bool, mozilla::image::Progress, const nsIntRect&) [with T = const mozilla::image::ObserverTable*; mozilla::image::Progress = unsigned int; nsIntRect = mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits>]::__lambda6> 3 libxul.so@0x1534f23 in mozilla::image::SyncNotifyInternal<const mozilla::image::ObserverTable*> 4 libxul.so@0x1535266 in mozilla::image::ProgressTracker::SyncNotifyProgress 5 libxul.so@0x1537846 in mozilla::image::RasterImage::NotifyProgress 6 libxul.so@0x1539106 in mozilla::image::RasterImage::FinalizeDecoder 7 libxul.so@0x1546387 in mozilla::image::NotifyDecodeCompleteWorker::Run 8 libxul.so@0xd225d0 in nsThread::ProcessNextEvent 9 libxul.so@0xd29b26 in NS_InvokeByIndex 10 libxul.so@0x128a1a9 in XPCWrappedNative::CallMethod 11 libxul.so@0x1290a6d in XPC_WN_CallMethod 12 @0x7fbb8871541c 13 @0x7fbb85b905e7 14 @0x7fbba74ef84e 15 libxul.so@0x2c48906 in EnterBaseline 16 libxul.so@0x2c6f1bf in js::jit::EnterBaselineAtBranch 17 libxul.so@0x2f8cba6 in Interpret 18 libxul.so@0x2f8f2fe in js::RunScript 19 libxul.so@0x2f8f534 in js::InternalCallOrConstruct 20 libxul.so@0x2c82938 in js::jit::DoCallFallback 21 @0x7fbba74f888f 22 @0x7fbb852438af 23 @0x7fbb88716483 24 @0x7fbb8520bfa7 25 @0x7fbba74ef84e 26 libxul.so@0x2c48906 in EnterBaseline 27 libxul.so@0x2c6f1bf in js::jit::EnterBaselineAtBranch 28 libxul.so@0x2f8cba6 in Interpret 29 libxul.so@0x2f8f2fe in js::RunScript 30 libxul.so@0x2f8f534 in js::InternalCallOrConstruct 31 libxul.so@0x2f8f9b5 in js::Call 32 libxul.so@0x2ef54d8 in js::Wrapper::call 33 libxul.so@0x2ee8670 in js::CrossCompartmentWrapper::call 34 libxul.so@0x2eee2ff in js::Proxy::call 35 libxul.so@0x2eeec29 in js::proxy_Call 36 libxul.so@0x2f8f8b6 in js::InternalCallOrConstruct 37 libxul.so@0x2c82938 in js::jit::DoCallFallback 38 @0x7fbba74f888f 39 @0x7fbb4cf0f2a7 40 libxul.so@0x45987ff in ??? (last symbol 0x321cf40 = iJIT_GetNewMethodID) 41 libxul.so@0x45989af in ??? (last symbol 0x321cf40 = iJIT_GetNewMethodID) 42 libxul.so@0x2d1e7bd in js::jit::IonCannon 43 libxul.so@0x2c2262f in EnsureNewArrayElements at the very end 44 libxul.so@0x49367ff in ??? (last symbol 0x321cf40 = iJIT_GetNewMethodID) 45 libxul.so@0x2f675df in js::ExecuteState::pushInterpreterFrame at the very end 46 libxul.so@0x2d23162 in js::jit::CanEnter 47 libxul.so@0x2f8f3f0 in js::RunScript 48 libxul.so@0x2c75b9c in js::InternalBarrierMethods<JS::Value>::postBarrier 49 libxul.so@0x2f9b80a in js::ProxyObject::New 50 libxul.so@0x2f8f534 in js::InternalCallOrConstruct 51 libxul.so@0x4938c8f in ??? (last symbol 0x321cf40 = iJIT_GetNewMethodID) 52 libxul.so@0x2f8f9b5 in js::Call 53 libxul.so@0x2e96e8a in js::fun_call etc. Bottom line is #73.
|
|
Reporter | |
Comment 10•8 years ago
|
||
P.S. http://hg.mozilla.org/mozilla-central/rev/0e073f5ca38a002d43e92016ee40d686da4a0534 http://hg.mozilla.org/comm-central/rev/ab9359275942
|
||
Comment 11•6 years ago
|
||
Closing because no crash reported since 12 weeks.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•